MISA-Lesotho is concerned that the lack of consultation and vague clauses in the Computer Crime and Security Bill risk undermining freedom of expression and media freedom.
This statement was originally published on lesotho.misa.org on 14 April 2025.
As Lesotho goes on with promises to implement national reforms, the story of Zambia is particularly relevant. Zambia’s recent experience with its Cyber Bills is a stark reminder of how legislation, when introduced without transparency or public participation, can have unexpected repercussions that undermine democratic norms.
As the digital landscape evolves, Southern African countries are racing to pass legislation addressing cyber risks, data protection and digital communication. Zambia’s Cyber Bills offer a valuable lesson for many countries in Africa pursuing similar legislative changes.
The Zambian government promulgated two controversial cyber bills in late March 2025; the Cyber-crimes Bill and the Cyber-security Bill. These pieces of legislation were introduced in The Zambia to tackle escalating cyber-crime, strengthen national digital infrastructure and protect citizens online. While the intentions behind the law may be progressive, their content and the procedure by which they were developed have sparked severe criticism from human rights advocates and media watchdogs.
The Media Institute of Southern Africa (MISA), a regional body that promotes press freedom and media development, has taken a strong stance against the bills; in an open letter addressed to Zambian President, Hakainde Hichilema, MISA pleads with him not to sign the bills into law, warning that the two bills fell short of meeting human rights standards.
Jeremias Langa, the newly elected Chairperson of MISA Regional Governing Council (RGC), emphasises that, while cyber-security is unquestionably necessary, it must not be at the expense of human rights. He argues that the Cyber Bills fell short of international human rights norms and lack adequate measures to prevent abuse by state actors. Langa warns that the measures may lead to mass monitoring, dissent repression and unlawful arrests, all of which have already beset media practitioners and opposition voices across the continent.
Langa’s argument echoes with the position of MISA Lesotho on the controversial Computer Crime and Cyber-security Bill of Lesotho since 2021.
On March 31st 2021, MISA Lesotho issued a media statement to express a deep concern over no consultations made by the Ministry of Communications, Science and Technology with stakeholders before the Computer Crime and Cyber security Bill (2021) was tabled in parliament by the then relevant minister, Keketso Sello, on March 23rd.
On June 7th 2021, MISA Lesotho made a presentation before a parliament’s portfolio committee of the Prime Minister’s Ministries, Departments, Foreign Relations and Information. Among others, MISA Lesotho flagged the following issues about the Bill:
- The Bill combines two sets of crimes, which may lead to a law that is vague and difficult to implement as one of the sets may not receive clear description or there may be conflation;
- Unclear description of illegal accessmay give law enforcement agencies during implementation, unwarranted powers to an extent that they infringe on freedom of expression of opinion enjoyed by members of society as access to information ordinarily may be deemed as illegal;
- Lack of clarity on what illegal accessmeans and its provision may affect media freedom as their access to information that may ordinarily be in the public domain or has to be accessed by the media may be deemed illegal.
In the report that the the portfolio committee presented before the National Assembly on September 14, 2021, the committee observed that the security agencies, namely Lesotho Defence Force, Lesotho Mounted Police Service, National Security Services and Lesotho Correctional Services “were excluded in the formulation of the Computer Crime and Cyber-security Bill, 2021”. The Committee further made the following observations, that:
- Inclusion of media houses and telecommunications agencies is very crucial in compilation of the Bill;
- All Security Agencies should be an integral part of the cyber-securitymanagement and should be represented in the National Cyber-security Advisory Council;
- The Bill deals with two major sets of crimes, computer Crimes and crimes of cyber-security. The two sets of crimes are comprehensive enough to constitute two legal frameworks; and combination of two sets of crimes may lead to a law that is vague and difficult to implement.
Based on these findings, the Committee had since recommended to the National Assembly that “the Minister responsible for Communications (Tšoinyana Samuel Rapapa) be afforded an opportunity to withdraw the said Computer Crime and Cyber-security Bill, 2021 for the Minister to revisit the Bill”.
As Lesotho goes on with promises to implement national reforms, the story of Zambia is particularly relevant. Zambia’s recent experience with its Cyber Bills is a stark reminder of how legislation, when introduced without transparency or public participation can have unexpected repercussions that undermine democratic norms.
While Zambia attempted to strengthen control over online spaces, a lack of genuine consultation with stakeholders such as legal experts and civil society organisations raised significant concerns about government overreach, censorship and the erosion of human freedoms.
For Lesotho it is important to make sure that any reforms are inclusive, transparent, and based on the defence of fundamental freedoms, especially those that deal with governance, the law, or citizen rights.
The current government, which was elected in the October 2022 national elections, has decided to reinstate the controversial Cyber-security and Computer Crimes Bill at the stage it had reached before the dissolution of the 10th Parliament. This is pursuant to Standing Order No. 105 (B).
MISA-Lesotho and its allies appealed to the Minister of Information, communications, Science and Technology and Innovation, Nthati Moorosi, to withdraw the Bill and hear them out.
The Minister called a Computer Crimes and Cyber-security Bill Dialogue for civil society and stakeholders on June 8, 2023. MISA-Lesotho, in collaboration with other four civil society organisations – Transformation Resource Centre (TRC), Development for Peace Education (DPE), MNN – Centre for Investigative Journalism (MNN-CIJ) and Lesotho Council of NGOs (LCN) made a verbal presentation to the mister on their views and concerns on the Bill.
The Bill had not been reviewed since 2021, so the civil society concerns remained the same.
The Ministry’s directors responded to the civil society concerns. The exchange of information and ideas in this platform created a platform for mutual understanding on the critical issues that the civil society had raised regarding the Bill.
In August 2023, the minister again granted MISA Lesotho an opportunity to submit a written and oral presentation before a team of experts drawn from the ministry and its stakeholders.
MISA Lesotho was presented with a grand encounter with the ministry’s team, with representation drawn from the Lesotho Communications Authority (LCA), telecommunication service providers and financial institutions.
During this engagement, MISA Lesotho recommended that the engagement with all stakeholders has to be broadened to also cover the entire media industry and the citizenry.
According to the National Director of MISA Lesotho, Lekhetho Ntsukunyane, the advent of governments in the Southern African region promulgating cyber-security and computer crimes laws has gained currency in the last decade or so.
“This has been prompted by the prevalence of crimes committed on the cyberspace by disingenuous citizens who harass, intimidate and stalk as well as extort others on the digital space,” Ntsukunyane said.
Also, he added, there is an upsurge of digital crimes such as computer fraud. The complexity of governing the digital space is presented by many factors, “one being that governance protocols on the cyberspace are slow, complex and not easy to implement as compared to the criminality taking place offline,” he said.
MISA-Lesotho, according to Ntsukunyane, supports the promulgation of laws and the formulation of policies regulating the cyberspace, “particularly to protect citizens against malpractices on the digital space or Cyber and computer crimes.”
However, what is critical is when the proposed regulatory framework in the form of a law goes overboard in the purported protection of citizens and has the potential to infringe on the right to freedom of expression of opinion and access to information, Ntsukunyane argued.
Meanwhile, the Constitution of Lesotho of 1993, provides, under Section 14 that: “Every person shall be entitled to, and (except with his own consent) shall not be hindered in his enjoyment of freedom of expression, including freedom to hold opinions without interference, freedom to receive ideas and information without interference, freedom to communicate ideas and information without interference (whether the communication be to the public generally or to any person or class of persons) and freedom from interference with his correspondence”.
